package com.itheima.reggie.filter;


import com.alibaba.fastjson.JSON;
import com.itheima.reggie.common.BaseContext;
import com.itheima.reggie.common.R;
import lombok.extern.slf4j.Slf4j;
import org.springframework.util.AntPathMatcher;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 使用锅炉器进行登录验证
 */
//设置过滤器名称和拦截路径
@WebFilter(filterName = "LoginCheckFilter",urlPatterns = "/*")
@Slf4j
public class LoginCheckFilter implements Filter {

    //定义一个路径匹配器
    public static final AntPathMatcher PATH_MATCHER=new AntPathMatcher();
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request=(HttpServletRequest) servletRequest;
        HttpServletResponse response=(HttpServletResponse) servletResponse;

        //1.获取用户的请求路径
        String requestURI = request.getRequestURI();
        //2.判断请求路径是否要放行
        //设置要放行的路径
        String [] passUrls=new String[]{

                "/employee/login",
                "/employee/logout",
                "/common/**",
                //放行所有静态页面
                 "/backend/**",
                "/front/**",
                //放行用户端登录请求，获取验证码
                "/user/sendMsg",
                "/user/login"
        };
        Boolean check = check(requestURI, passUrls);
        //要是为true就放行
        if (check){
            filterChain.doFilter(request,response);
            return;
        }
        //3.不放行就判断判断用户是否登录

        //4.1判断后端用户是否登录
        //当时我们登录的时候session的key为employee
        Long employee_id = (Long) request.getSession().getAttribute("employee");
        //4.登录了就放行
        if (employee_id!=null){

            //将id放入到ThreadLocal中
            BaseContext.setCurrentId(employee_id);
            //已经登录，放行
            filterChain.doFilter(request,response);
            return;
        }

        //4.1判断后端用户是否登录
        //当时我们登录的时候session的key为employee
        Long user_id = (Long) request.getSession().getAttribute("user");
        //4.登录了就放行
        if (user_id!=null){

            //将id放入到ThreadLocal中
            BaseContext.setCurrentId(user_id);
            //已经登录，放行
            filterChain.doFilter(request,response);
            return;
        }
        //5.没登录就给前端返回R对象数据,通过输出流写
        //需要将对象转为json数据
        response.getWriter().write(JSON.toJSONString(R.error("NOTLOGIN")));//这里返回什么要看前端的request.js中响应拦截器msg是什么
        //跳转页面是前端的事情，我们要做的是把数据传过去，前端通过数据来判断是否需要跳转页面
        return;

    }

    /**
     * 判断请求路径是否要放行
     * @param requestUri
     * @param url
     * @return
     */
    public Boolean check(String requestUri ,String url[]){
        for (String s : url) {
//            String pattern, String path,注意pattern在前面
            boolean match = PATH_MATCHER.match(s,requestUri);
            if (match){
                return true;
            }
        }
        return false;
    }
}
